U.S. voters’ personal information exposed on the internet
WASHINGTON — A Virginia data firm working for the Republican National Committee left voting records of 198 million Americans exposed on the internet and accessible to anyone, a California cybersecurity firm said Monday.
The data firm, Deep Root Analytics, not only left exposed the vast national database but also precise and painstaking projections for most voters of their projected attitudes on a variety of issues including Obamacare, lower taxes, immigration, fossil fuels and environmental consciousness.
The records were exposed to anyone who knew rudimentary search techniques, said UpGuard, a Mountain View, Calif., cybersecurity firm, but the records have since been secured again.
The enormous national database included names, dates of birth, home addresses, phone numbers, party affiliation, racial demographics and voter registration status, UpGuard said in its internet post.
There is no indication that the database had been tapped by any other unauthorized parties while it was unprotected during what some are describing as the largest leak of voter information in history.
The files do not appear to include Social Security or credit card information, but malicious hackers routinely conduct such scans of the internet looking for unprotected files they can exploit. And to those who may have found them, the files painted a detailed portrait of virtually all of America’s roughly 200 million voters.
“The fact is that if you’re a registered voter, your personal information was exposed here. I think that will be troubling to a lot of people,” said Dan O’Sullivan, a cyber resilience analyst at UpGuard.
“They’re using this information to create political dossiers on individuals that are now available for anyone,” said Jeffrey Chester, executive director of the Center for Digital Democracy. “These political data firms might as well be working for the Russians.”
Deep Root Analytics issued a statement saying the information “was accessed without our knowledge.”
The RNC said in a statement that it “has has halted any further work with the company pending the conclusion of their investigation into security procedures.”